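<?php
/**
 * Returns JSON brief data of section.
 *
 * Request parameters are read from $_GET and cast to int before use:
 *
 * @param number id                Section ID (default 1).
 * @param number current_page      Current requested page (values below 1 become 1).
 * @param number filter_sort_order Products page sort order (default: the stored option).
 * @param number filter_minprice   Lower price bound (default 0).
 * @param number filter_maxprice   Upper price bound (default and non-positive values: MAX_PRICE).
 * @param number filter_stock      Stock filter (default 0).
 *
 * @return array JSON data of section.
 */
include 'app.inc';
$app = new App();
$error_count = 1;
$return = array(
    'product_count' => 0,
    'subsection_count' => 0,
    'name' => '',
    'description' => '',
    'product' => array(),
    'subsection' => array(),
    'error' => '',
);
$options = $app->fetchAll('SELECT * FROM `options`');
if (count($options)) {
    // Publish each stored option as a local variable named after the option.
    // The previous form, ${$option}['name'], converted the row array to the
    // string "Array" and only ever filled $Array['name'], so
    // $filter_sort_order and $products_per_page below were never set.
    // NOTE(review): a row whose name matches an existing local ($app, $return, ...)
    // replaces it; write access to `options` should stay restricted to administrators.
    foreach ($options as $key => $option) {
        ${$option['name']} = $option['value'];
    }

    // Every request value is cast to int before it is used.
    $secId = isset($_GET['id']) ? (int) $_GET['id'] : 1;
    $current_page = isset($_GET['current_page']) ? (int) $_GET['current_page'] : 1;
    $filter_sort_order = isset($_GET['filter_sort_order']) ? (int) $_GET['filter_sort_order'] : $filter_sort_order;
    $filter_minprice = isset($_GET['filter_minprice']) ? (int) $_GET['filter_minprice'] : 0;
    $filter_maxprice = isset($_GET['filter_maxprice']) ? (int) $_GET['filter_maxprice'] : MAX_PRICE;
    $filter_stock = isset($_GET['filter_stock']) ? (int) $_GET['filter_stock'] : 0;

    // Keep the integer value itself. The earlier expression cast only for the
    // comparison and then stored the raw option string again.
    $products_per_page = (int) $products_per_page;
    if ($products_per_page < 1) {
        $products_per_page = 50;
    }
    $current_page = $current_page < 1 ? 1 : $current_page;
    $filter_maxprice = $filter_maxprice > 0 ? $filter_maxprice : MAX_PRICE;
    if ($filter_minprice > $filter_maxprice) {
        $tmp = $filter_maxprice;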
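}
// Optimization for search engines:
// hostname/key1~val1[/key2~val2[/key3~val3 ...]] -> $key1=val1...
// Any key can be set this way, just as with an ordinary query string, so the
// resulting $_GET entries need the same validation as any other request value.
// PHP has already URL-decoded $_GET['a'], so the values are decoded a second time here.
if (isset($_GET['a'])) {
    foreach (explode('/', $_GET['a']) as $a) {
        $a = explode('~', $a);
        if ($a[0]) {
            // A segment without "~" has no value part; store an empty string
            // instead of reading a missing index.
            $_GET[$a[0]] = urldecode(isset($a[1]) ? $a[1] : '');
        }
    }
}
include_once 'class.template.inc';
include_once 'app.inc';
$template = new Template(ME_WWWROOT);
$app = new App();
$template->set_filenames(array('page' => 'tpl/me.tpl'));
$options = $app->fetchAll('SELECT * FROM `options`');
// Publish each stored option as a local variable named after the option.
// The previous form, ${$option}['name'], converted the row array to the string
// "Array" and only ever filled $Array['name'], leaving $copyright, $name and
// the other variables read below undefined.
// NOTE(review): a row whose name matches an existing local ($app, $template, ...)
// replaces it; write access to `options` should stay restricted to administrators.
foreach ($options as $key => $option) {
    ${$option['name']} = $option['value'];
}
// Keep the integer value itself. The earlier expression cast only for the
// comparison and then stored the raw option string again.
$products_per_page = (int) $products_per_page;
if ($products_per_page < 1) {
    $products_per_page = 15;
}
// NOTE(review): these option values go to the template as stored; whether the
// template escapes them is not visible here.
$template->assign_vars(array(
    'copyright' => $copyright,
    'currency_exchange_rate' => $currency_exchange_rate,
    'short_name' => $name,
    'full_name' => $long_name,
    'address' => $address,
    'email_address' => $shop_mail,
    'webadmin_email_address' => $web_admin_mail,
    'page_bottom_info' => $page_bottom_info,
    'test_branch_min' => APP_TEST_BRANCH ? '' : '.min',
));

/**
 * Builds a URL-safe form of a title.
 *
 * Removes every parenthesised part, trims the result, collapses each run of
 * whitespace to one space and URL-encodes what is left.
 *
 * @param string $text Source text.
 *
 * @return string URL-encoded text.
 */
function get_url_compatible($text)
{
    $withoutParentheses = preg_replace('/\\([^\\)]*?\\)/', '', $text);
    $singleSpaced = preg_replace('/\\s{1,}/', ' ', trim($withoutParentheses));

    return urlencode($singleSpaced);
}

$html = '';
$menu = array(); // for menu tree
$categories = $app->fetchAll("SELECT `id`, `name`, `parent` FROM `categories` WHERE `hidden` = 0 ORDER BY `name`");
// sections of top level
for ($i = 0; $i < count($categories); $i++) {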
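$return = array('success' => '', 'error' => '');
// AngularJS transmits data using Content-Type: application/json and JSON serialization,
// which unfortunately some Web server languages—notably PHP—do not unserialize natively.
// So server has empty $_POST array.
$http_post = json_decode(file_get_contents("php://input"));
$review = $http_post->review;

// Numeric fields are forced to integers, so they can be interpolated into SQL.
$product_id = intval($review->product_id);
$rating = intval($review->product_rating);
$captcha_id = intval($review->captcha_id);
$captcha_value = intval($review->captcha_value);

// Text fields are stripped of tags and HTML-encoded for later display.
// This is output encoding, not SQL escaping: before PHP 8.1 htmlentities()
// leaves single quotes untouched by default, so every one of these values
// still has to go through $app->pdo->quote() when it enters a query.
$product_name = htmlentities(strip_tags($review->product_name));
$product_review = htmlentities(strip_tags($review->product_review));
$name = htmlentities(strip_tags($review->user_name));
$phone = htmlentities(strip_tags($review->user_phone));
$email = htmlentities(strip_tags($review->user_email));

$options = $app->fetchAll('SELECT * FROM `options`');
if (count($options)) {
    // NOTE(review): ${$option} converts the row array to the string "Array", so
    // this loop only fills $Array['name'] and defines no option variable.
    // It is left as written on purpose: the form ${$option['name']} at this
    // position would let an option row overwrite the request values prepared
    // above (the index page reads $name from this same table). If the code
    // after this excerpt needs option values, read them into a separate array.
    foreach ($options as $key => $option) {
        ${$option}['name'] = $option['value'];
    }
    // The captcha row is deleted while it is checked, so a solved captcha
    // cannot be submitted a second time.
    if ($app->execCount("DELETE FROM captchas WHERE id = {$captcha_id} AND value = {$captcha_value}")) {
        if ($product_id and $name and $phone and $email) {
            // The address is quoted by the driver. It was interpolated between
            // literal quotes before, which allowed a crafted address to change the query.
            $num = $app->fetch(
                "SELECT COUNT(*) FROM `reviews` WHERE `mail` = " . $app->pdo->quote($email)
                . " AND `product_id` = {$product_id}"
            )['COUNT(*)'];
            if ($num) {
                $return['error'] .= $error_count++ . '. На этот товар вы уже оставили отзыв!';
            } else {
                if (preg_match('#(.+)@(.+)\\.(.){2,6}#', $email) and strlen($email) < 100) {
                    // NOTE(review): this code depends only on the e-mail address and a
                    // constant salt, so anyone who knows the address can recompute it.
                    // A value from random_bytes() would not have that property. It is
                    // unchanged here because the code that checks it is not in this excerpt.
                    $code = md5(crypt($email, 'mms_shop'));
                    // $product_id and $rating are integers and $code is a hex digest;
                    // every other value, including the client address, is quoted by the driver.
                    $num = $app->execCount(
                        "INSERT INTO `reviews` (`name`, `phone`, `mail`, `review`, `product_id`, `product_name`,"
                        . " `rating`, `code`, `approved`, `create_tm`, `approve_tm`, `ip`) VALUES ("
                        . $app->pdo->quote($name) . ", "
                        . $app->pdo->quote($phone) . ", "
                        . $app->pdo->quote($email) . ", "
                        . $app->pdo->quote($product_review) . ", {$product_id}, "
                        . $app->pdo->quote($product_name) . ", {$rating}, '{$code}', 0, " . time() . ", 0, "
                        . $app->pdo->quote($_SERVER['REMOTE_ADDR']) . " )"
                    );
                    if ($num) {
                        // Sends email to customer to approve subscription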
        // Fall back to a GIF when the earlier check (outside this excerpt) did not
        // settle the image; an empty string means no image file was found.
        if (file_exists($image . 'gif')) {
            $image = '/' . $image . 'gif';
        } else {
            $image = '';
        }
    }
    // Thumbnail for the cart: ../tn/<id padded to 4 digits>_m.jpg, else .gif, else none.
    $icon = '../tn/' . str_pad($product['id'], 4, '0', STR_PAD_LEFT) . '_m.';
    if (file_exists($icon . 'jpg')) {
        $icon = '/' . $icon . 'jpg';
    } else {
        if (file_exists($icon . 'gif')) {
            $icon = '/' . $icon . 'gif';
        } else {
            $icon = '';
        }
    }
    // Average rating of the approved reviews, scaled by 10 and rounded down to a multiple of 5.
    $rating_average = 0;
    // NOTE(review): $prodId is assigned outside this excerpt; it is interpolated
    // into the query as-is, so confirm it is cast to int where it is read.
    $reviews = $app->fetchAll("SELECT rating FROM `reviews` WHERE `product_id` = {$prodId} AND `approved` = 1");
    if (count($reviews)) {
        foreach ($reviews as $review) {
            $rating_average += 10 * $review['rating'];
        }
        $rating_average = round($rating_average / count($reviews));
        $rating_average -= $rating_average % 5;
    }
    // Only 'name' is passed through strip_tags(); 'short_desc' and 'description'
    // are returned exactly as stored, so the client must not treat them as
    // trusted markup unless the stored content is known to be safe.
    // The two dates are multiplied by 1000 (presumably seconds to milliseconds for the client).
    $return['product'] = array('id' => $prodId, 'name' => strip_tags($product['name']), 'price' => $product['price_out'], 'warranty' => $product['warranty'], 'short_desc' => $product['short_desc'], 'description' => $product['description'], 'icon' => $icon, 'image' => $image, 'delivery_time' => $product['delivery_time'], 'delivery_free' => $product['supplier'] == 'BEL' || $product['supplier'] == 'SIU' ? '1' : '0', 'delivery_n_a' => $product['absent'], 'date_update' => intval($product['date_update']) * 1000, 'date_add' => intval($product['date_add']) * 1000, 'rating' => $rating_average, 'rating_count' => count($reviews));
} else {
    // $num is set outside this excerpt; the message reports it as the number of products with this ID.
    $return['error'] .= $error_count++ . '. Количество товаров с таким ID равно ' . $num;
}
// The response is the JSON-encoded $return array.
echo json_encode($return);
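/**
 * Returns JSON brief data of search.
 *
 * Request parameters are read from $_GET:
 *
 * @param string text              Searched text (tags stripped).
 * @param number filter_minprice   Minimum price of searched products (default 0).
 * @param number filter_maxprice   Maximum price of searched products (default and non-positive values: MAX_PRICE).
 * @param number filter_stock      Stock filter (default 0).
 * @param number current_page      Current requested page (values below 1 become 1).
 * @param number filter_sort_order Products page sort order (default: the stored option).
 *
 * @return array JSON data of section.
 */
include 'app.inc';
$app = new App();
$error_count = 1;
$return = array('error' => '', 'product_count' => 0, 'product' => array());
$options = $app->fetchAll('SELECT * FROM `options`');
if (count($options)) {
    // Publish each stored option as a local variable named after the option.
    // The previous form, ${$option}['name'], converted the row array to the
    // string "Array" and only ever filled $Array['name'], so
    // $filter_sort_order and $products_per_page below were never set.
    // NOTE(review): a row whose name matches an existing local ($app, $return, ...)
    // replaces it; write access to `options` should stay restricted to administrators.
    foreach ($options as $key => $option) {
        ${$option['name']} = $option['value'];
    }

    // strip_tags() removes markup only; it is not SQL escaping. The words built
    // from $text must be bound or quoted where they reach the query, which is
    // outside this excerpt.
    $text = isset($_GET['text']) ? strip_tags($_GET['text']) : '';
    $current_page = isset($_GET['current_page']) ? (int) $_GET['current_page'] : 1;
    $filter_sort_order = isset($_GET['filter_sort_order']) ? (int) $_GET['filter_sort_order'] : $filter_sort_order;
    $filter_minprice = isset($_GET['filter_minprice']) ? (int) $_GET['filter_minprice'] : 0;
    $filter_maxprice = isset($_GET['filter_maxprice']) ? (int) $_GET['filter_maxprice'] : MAX_PRICE;
    $filter_stock = isset($_GET['filter_stock']) ? (int) $_GET['filter_stock'] : 0;

    // Collapse runs of spaces to one space before splitting. The replacement
    // used to be an empty string, which glued together words separated by
    // two or more spaces.
    $words = preg_split(
        "/\\s+/",
        preg_replace('#( ){2,}#', ' ', trim($text)),
        0,
        PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY
    );

    // Keep the integer value itself. The earlier expression cast only for the
    // comparison and then stored the raw option string again.
    $products_per_page = (int) $products_per_page;
    if ($products_per_page < 1) {
        $products_per_page = 50;
    }
    $current_page = $current_page < 1 ? 1 : $current_page;
    $filter_maxprice = $filter_maxprice > 0 ? $filter_maxprice : MAX_PRICE;
    if ($filter_minprice > $filter_maxprice) {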
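// Builds the breadcrumb trail for a product or category ID. $buf collects
// (id, name) pairs from the deepest category up to the main page.
$error_count = 1;
$return = array('navigation' => '', 'error' => '');
// A missing id is treated as 0, the value the bare cast produced before.
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
// $buf is not assigned anywhere in this excerpt; keep an earlier value if one
// exists, otherwise start from an empty list so array_push() receives an array.
if (!isset($buf)) {
    $buf = array();
}
$sectionCount = 0;
$productCount = $app->fetch("SELECT COUNT(*) FROM `products` WHERE `id` = {$id}")['COUNT(*)'];
if ($productCount != 1) {
    $sectionCount = $app->fetch("SELECT COUNT(*) FROM `categories` WHERE `id` = {$id}")['COUNT(*)'];
}
if ($productCount == 1 or $sectionCount == 1) {
    if ($productCount) {
        $product = $app->fetch("SELECT `parent`, `name` FROM `products` WHERE `id` = {$id}");
        $parent = $product['parent'];
    } else {
        $parent = $id;
    }
    if ($parent) {
        // Parent IDs come from the database but are still cast before being
        // concatenated into SQL, so a NULL or non-numeric value cannot change the query.
        $category = $app->fetchAll("SELECT `id`, `name`, `parent` FROM `categories` WHERE `id` = " . (int) $parent);
        // Remember the categories already visited: a parent chain that loops
        // back on itself would otherwise keep this request running forever.
        $seen = array();
        while (count($category) and !isset($seen[$category[0]['id']])) {
            $seen[$category[0]['id']] = true;
            array_push($buf, $category[0]['id'], $category[0]['name']);
            $category = $app->fetchAll("SELECT `id`, `name`, `parent` FROM `categories` WHERE `id` = " . (int) $category[0]['parent']);
        }
    }
} else {
    // The main section has id == 1; the message is suppressed for it.
    if ($id > 1) {
        $return['error'] .= $error_count++ . '. С этим id категорий и товаров не найдено. ';
    }
}
// Always show link on main page
$buf[] = 1;
$buf[] = 'Главная';
for ($i = count($buf); $i > 0; $i = $i - 2) {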
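<?php
/**
 * Gets the approved reviews of a product.
 *
 * Request parameter: id (GET), the product ID, cast to int, default 1.
 *
 * @return array JSON data of result: 'review' is a list of entries with
 *               rating, name, review and create_tm; 'error' is a message string.
 */
include 'app.inc';
$app = new App();
$error_count = 1;
$return = array('review' => array(), 'error' => '');
// The cast makes the value safe to interpolate into the query below.
$prodId = isset($_GET['id']) ? (int) $_GET['id'] : 1;

// Select only the columns that are returned, so the other columns of the table
// never enter this script. One query replaces the earlier COUNT(*) plus SELECT *
// pair; an empty result leaves 'review' as an empty list.
$reviews = $app->fetchAll("SELECT `rating`, `name`, `review`, `create_tm` FROM `reviews` WHERE product_id = {$prodId} AND `approved` = 1 ORDER BY create_tm");
foreach ($reviews as $k => $review) {
    // 'name' and 'review' are visitor-supplied text; the client must render them as text.
    $return['review'][$k] = array(
        'rating' => $review['rating'],
        'name' => $review['name'],
        'review' => $review['review'],
        'create_tm' => date("Y-m-d H:i:s", intval($review['create_tm'])),
    );
}

// Declare the body as JSON so a browser that opens this URL directly does not
// interpret visitor-supplied text as HTML.
if (!headers_sent()) {
    header('Content-Type: application/json; charset=utf-8');
}
echo json_encode($return);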